Scoping an Intrusion Using Identity, Host, and Network Indicators
Second half of a two-part series, this paper covers post identification activities. The techniques covered here could also be used for initial identification, but they're discussed here as though there is already an initial identification which can be used. The effort discussed herein, is...